Vulnerability Details CVE-2006-2546
A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before October 10, 2005, causes the administrator password to be stored in cleartext in the domain directory, which could allow attackers to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://dev2dev.bea.com/pub/advisory/193
- http://secunia.com/advisories/20130
- http://securitytracker.com/id?1016101
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26460
- http://dev2dev.bea.com/pub/advisory/193
- http://secunia.com/advisories/20130
- http://securitytracker.com/id?1016101
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26460
Products affected by CVE-2006-2546
-
cpe:2.3:a:bea:weblogic_server:8.1